Citadel is a ZeuS variant that is responsible for infecting what is believed to be millions of computers across the globe in the hopes of stealing financial information through key logging and form grabbing and using that information to steal money from the bank accounts of infected victims.

This latest takedown, known as Operation b54, disrupted the operation of over 1,400 different Citadel botnets almost simultaneously. While that indeed is a staggering number, it most certainly doesn't spell the end of Citadel or the theft of money from infected computers. The very nature of Exploit Kits and how incredibly easy it is for cybercriminals to set up new versions of Citadel means that others will undoubtedly take the place of these.

An interesting side story to Operation b54 is that there are some reports out there that this takedown may have had some collateral damage. A number of security researchers have reported that a number of the domains seized by Microsoft (a procedure known as sinkholing) were already sinkholed and being used to research Citadel.

Cybercriminals aren't going to just pack up and go home after this large action by Microsoft. Until we can arrest and prosecute the cyber gangs behind these thefts, they'll likely slowly rebuild their networks of bots and continue pilfering unwary netizens.

If you'd like to read more about crimeware and how much money is being made, FortiGuard Labs has published a significant amount of information on the inner workings of this world. You can grab a copy here.